Compliance & Security IT Manager

Executive Option, LLC
Las Vegas, United States of America
19 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
$ 75K

Job location

Las Vegas, United States of America

Tech stack

Amazon Web Services (AWS)
Azure
Cloud Computing Security
Computer Security
Data Security
Identity and Access Management
Intrusion Detection Systems
Network Security
Network Configuration and Change Management
PCI Data Security Standards
Role-Based Access Control
Phishing
Security Information and Event Management
Software Vulnerability Management
Cloud Platform System
Reliability of Systems
Information Technology
Qualys
Vulnerability Analysis

Job description

  • Compliance & Security IT Manager (Onsite | Las Vegas, NV), We're seeking a highly skilled and hands-on Compliance & Security IT Lead

to lead onsite technology operations for a fast-growing, publicly traded software company. This role is ideal for someone who thrives in a collaborative, high-performance environment - balancing technical execution with operational leadership and compliance oversight.

As the onsite Compliance & Security IT Lead, you'll ensure system reliability, maintain compliance, and deliver exceptional end-user experiences across a modern cloud-based environment.

Own all IT compliance frameworks - including HIPAA, PCI-DSS, SOX (Type 1 & 2), SOC-2, ISO 27001, and Cyber Insurance - ensuring continuous readiness and zero material audit findings.

Lead audit cycles end-to-end: manage evidence collection, coordinate with external auditors and third-party vendors, and track remediation of all findings.

  1. Manage endpoint detection and response (EDR) tools (e.g., CrowdStrike, Tenable) to monitor corporate endpoints across all entities, triage alerts, and drive incident response.

  2. Conduct proactive threat hunting to identify and neutralize hidden threats. Own the incident response process including forensics and root cause analysis.

  3. Implement and maintain RBAC frameworks and access governance controls across all IT systems for Skillz, Beamable, and RZR.

  4. Own and maintain GIS policy documentation, ensuring security practices are current and aligned with organizational needs.

  5. Lead the employee security awareness program including phishing simulations, training modules, and regular reviews.

  6. Conduct new vendor security assessments and maintain ongoing vendor risk management.

  7. Participate in the Security Council and fulfill SEC-related security reporting requirements.

  8. Collaborate with Legal and People Ops on investigations, including lawsuits and internal inquiries.

Requirements

Do you have experience in Vulnerability scanning implementation?, Do you have a Bachelor's degree?, 1. Compliance Framework Expertise: Deep, hands-on experience with HIPAA, PCI-DSS, SOX, SOC-2, ISO 27001, and Cyber Insurance requirements. Able to manage multiple frameworks simultaneously across multiple entities.

  1. Audit Leadership: Proven track record of leading successful audit cycles with external auditors, closing findings, and maintaining continuous audit readiness.

  2. Endpoint & Network Security: Proficiency with EDR tools (CrowdStrike, Tenable), SIEM systems, IDS/IPS, firewall management, and network security principles.

  3. Cloud Security: Understanding of securing cloud environments across AWS, Azure, or GCP including access controls, network configuration, and storage security.

  4. Access Governance & RBAC: Experience designing and implementing role-based access control frameworks and access review processes.

  5. Incident Response: Ability to lead incident response, perform forensic analysis, and drive root cause remediation.

  6. Cross-Entity Collaboration: Comfort working across multiple business units or subsidiaries with different toolsets, risk profiles, and compliance obligations.

  7. Independent Execution: Self-directed and highly organized; able to manage competing compliance deadlines without close supervision. US-hours availability for auditor and vendor interaction.

Experience:

  1. BA/BS in Computer Science, Information Security, or a related field, or equivalent practical experience.

  2. 7+ years of hands-on experience in IT security and compliance roles, including direct ownership of audit cycles.

  3. Demonstrated experience with at least three of the following frameworks: HIPAA, PCI-DSS, SOX, SOC-2, ISO 27001, Cyber Insurance.

  4. Practical experience with leading EDR, SIEM, and vulnerability management tools (e.g., CrowdStrike, Tenable, Qualys, or equivalent).

  5. Experience working across multiple business entities or subsidiaries is strongly preferred.

Apply for this position